Rupture is a framework for easily conducting BREACH and other compression-based attacks.
For more information, please visit Rupture's home page: RuptureIt
Authors
Rupture is developed by:
- Dimitris Karakostas dimit.karakostas@gmail.com
- Dionysis Zindros dionyziz@gmail.com
- Eva Sarafianou eva.sarafianou@gmail.com
Installation
You can install the whole framework as follows:
- Install rupture.
rupture/ $ ./install.sh allJavascript
Rupture uses Javascript for communication between the client code and the realtime server. Client code is compiled using babel and server code is run on Node.js .
Injection
- Install injection.
rupture$ ./install.sh injectionClient
- Install client.
rupture$ ./install.sh clientPython
Rupture uses Python for the Command & Control server. Communication between js realtime server and Python backend is performed with a Django API endpoint.
Backend
- Install backend.
rupture/ $ ./install.sh backendSniffer
- Install sniffer.
rupture/ $ ./install.sh snifferExecution
Backend
- Edit following configuration scripts:
- rupture/backend/target_config.yml
- rupture/backend/victim_config.yml
- Setup backend.
rupture $ ./rupture setup- Deploy backend.
rupture $ ./rupture backendRealtime
- Deploy realtime.
rupture $ ./rupture realtimeSniffer
- Deploy sniffer.
rupture $ ./rupture snifferAttack
- You can also deploy backend, realtime and sniffer modules all together:
rupture/ $ sudo ./rupture attackClient
- Client code is in following directory:
- rupture/client/client_
- Open the following test HTML page in browser:
- rupture/client/client_/test.html
rupture/client/client_<id> $ ./inject.sh
